EU law recital

Recital 89

This page is part of LegalViz.EU, a tool that helps readers move through EU legislation more quickly and understand its structure.

Navigate this law: Law overview · Articles · Annexes

Previous recital · Next recital · Start with Article 1

Essential and important entities should adopt a wide range of basic cyber hygiene practices, such as zero-trust principles, software updates, device configuration, network segmentation, identity and access management or user awareness, organise training for their staff and raise awareness concerning cyber threats, phishing or social engineering techniques. Furthermore, those entities should evaluate their own cybersecurity capabilities and, where appropriate, pursue the integration of cybersecurity enhancing technologies, such as artificial intelligence or machine-learning systems to enhance their capabilities and the security of network and information systems.